On Wed, Feb 03, 2010 at 09:24:26PM +0000, Brian Candler wrote:
> > > (9) The _users db itself is world-readable (showing not only who your
> > > users are, but their password hashes). Highly undesirable.
> >
> > I actually consider this a feature. We'd like to get some stronger
> > password hashing (see the bcrypt threads) which should help with the
> > password parts.
Actually, passwords aren't even the issue. Just revealing the *usernames* of all the users on the system is the problem.

For example, if I were a competitor to couch.io, I would be very happy to download a list of customers I should be poaching :-)

Regards,

Brian.
